Bugzilla – Bug 135475
When adding user. It use same default group users, and create user's directory as 755
Last modified: 2005-11-25 11:42:31 UTC
It's first time I use suse 10.0. before I used Mandrake and fedora. I noticed in suse 10.0 when you create a user with Yast2. It does not create a unique group ID for each user automaticaly; which is done in Mandrake and fedora for security reason. Instead it use a default group. Also in suse 10.0, when a user is created the permission of the user directory (/home/user) is rwxr-xr-x and the umask is set to 022 for the user. By this policy every user got access right to each other home directory. This give a bad reputation of LINUX security. In Mandrake and fedora; when you create a user. It create a unique user ID and group ID. And users directory (/home/usr ) permission is rwx------ and user umask is 077
Using the default /etc/passwd scheme
marcus: could you comment on that?
Linux is an Opensource operating system and so welcomes sharing of information. Thats why by default everyone can *READ* others directories and files (except EMails). If you need stricter permissions, you can adjust the default in /etc/login.defs (UMASK entry) Point 2, putting users into seperate groups does not specifically help system security. While there is no easy way to change this default, you can of course override it manually when creating new users.
*** Bug 135500 has been marked as a duplicate of this bug. ***